Hello,
I am working through the railsspace tutorrial, and i''ve noticed that
the password validation is no longer working.
I can get screen_name and email to validate, but for some reason, the
password field is ignored...
here''s what i have so far:
within user.rb file
PASSWORD_MIN_LENGTH = 4
PASSWORD_MAX_LENGTH = 40
validates_length_of :password, :within => PASSWORD_RANGE
def validate
errors.add(:email, "must be valid.") unless
email.include?("@")
if screen_name.include?(" ")
errors.add(:screen_name, "cannot include spaces.")
if password.include?(" ")
errors.add(:password, "Must be filled in")
end
end
In my user controller, i have a digest to mask the password in the
database at registration:
def register
@title = "Register"
if request.post? and params[:user]
@user = User.new(params[:user])
@user.password = Digest::SHA1.hexdigest
(@user.password)
if @user.save
session[:user_id] = @user.id
flash[:notice] = "User ''#{@user.screen_name}''
created!"
redirect_to :action => "index", :controller =>
"user"
else @user.password = nil
end
end
end
If I remove the Digest line, the password validation works again, but
this means any password is then visible. I moved the digest line so it
appeared AFTER the user.save.
This solved the validation issue, but displayed the password in the
database,
How do i get round this??
many thanks
Hello! Try to look at authlogic plugin for user authentication: http://github.com/binarylogic/authlogic/tree/master Its really cool!> if password.include?(" ") > errors.add(:password, "Must be filled in")why?? for saving crypted password in database use before_create callback class User < AR::B before_cerate :crypt_password protected def crypt_password self.password = Digest::SHA1.hexdigest(password) end end On 12 сен, 12:21, RubyonRails_newbie <craigwest...-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org> wrote:> Hello, > > I am working through the railsspace tutorrial, and i''ve noticed that > the password validation is no longer working. > > I can get screen_name and email to validate, but for some reason, the > password field is ignored... > > here''s what i have so far: > > within user.rb file > PASSWORD_MIN_LENGTH = 4 > PASSWORD_MAX_LENGTH = 40 > > validates_length_of :password, :within => PASSWORD_RANGE > > def validate > errors.add(:email, "must be valid.") unless email.include?("@") > if screen_name.include?(" ") > errors.add(:screen_name, "cannot include spaces.") > if password.include?(" ") > errors.add(:password, "Must be filled in") > end > > end > > In my user controller, i have a digest to mask the password in the > database at registration: > > def register > > @title = "Register" > if request.post? and params[:user] > @user = User.new(params[:user]) > -eTHPNk8gMIsNG5+lYJWuzQ@public.gmane.org = Digest::SHA1.hexdigest > (@user.password) > if @user.save > > session[:user_id] = @user.id > flash[:notice] = "User ''...@user.screen_name}'' created!" > redirect_to :action => "index", :controller => "user" > else @user.password = nil > > end > > end > > end > > If I remove the Digest line, the password validation works again, but > this means any password is then visible. I moved the digest line so it > appeared AFTER the user.save. > This solved the validation issue, but displayed the password in the > database, > > How do i get round this?? > > many thanks
Hi
You can solve it like
@user.password = Digest::SHA1.hexdigest(@user.password) if
@user.valid?
Change only the above line .
What happens in your code is empty string also gets digested So
fails validation.
Sijo
--
Posted via http://www.ruby-forum.com/.
Thanks!!
@user.password = Digest::SHA1.hexdigest(@user.password)
if> @user.valid?
works perfectly!
thanks a lot!!
On 12 Sep, 09:54, Sijo Kg
<rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org>
wrote:> Hi
> You can solve it like
>
> @user.password = Digest::SHA1.hexdigest(@user.password) if
> @user.valid?
>
> Change only the above line .
> What happens in your code is empty string also gets digested So
> fails validation.
>
> Sijo
> --
> Posted viahttp://www.ruby-forum.com/.